package com.example.eureka.config;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{

    @Override
    public void configure(HttpSecurity http) throws Exception {
        //关闭eureka认证
//        http.authorizeRequests().anyRequest().permitAll().and().logout().permitAll();

        //默认开启了防csrf攻击。即不允许跨域。关闭csrf
        http.csrf().disable();
        //或者http.csrf().ignoringAntMatchers("/eureka/**");
        //开启认证 mvcMatchers("") 配置放行规则
        http.authorizeRequests().anyRequest().authenticated().and().httpBasic();
    }
}

